Decoder's Tatami

Purpose

"Decoder's Tatami" is a reverse-engineering framework to decode the Windows executables.

There are 30 functions (60.00% Done).

If you wanna decode target.exe (for example), the target name is target. Please follow the following procedure:

Install Python3.
Install CodeReverse2 and RisohEditor.
- CodeReverse2: https://github.com/katahiromz/CodeReverse2
- RisohEditor: https://github.com/katahiromz/RisohEditor
RisohEditor is optional.
Copy the Template folder as a target folder. And then, copy target.exe into target folder.
Modify CR2, RISOHEDITOR, and targets in config.py.
Modify THE_TARGET_NAME and THE_FILENAME settings in target/decode.py.
Execute python decode.py.
The assembly files will be generated in target folder.
Execute python update_status.py.
The results will be written to README.md, target/README.md and target/status.html.
Analyse the assembly files and write the decoded text on target/analysis/*.txt, using Decoder's notation of below. If the analysis is done, please append Q.E.D. to each text file.
Execute python update_status.py again. Back to 8 unless everything has been decoded.
If every decoding is done, you're lucky.

We declare the first is 1th (We don't use 0th).
A [=>] B means "Program A derives Program B.".
A [==] B means "Program A is (almost) the same as Program B.".
ARGC is the number of parameters of the target function.
ARGV[0] means the target function.
ARGV[1] means the first parameter of the target function. ARGV[2] means the second parameter of the target function. The same applies thereafter.
RET is the return value of the target function.
F.ARGC is the number of parameters of function F.
F.ARGV[1] means the first parameter of function F. F.ARGV[2] means the second parameter of function F. The same applies thereafter.
F.RET is the return value of function F.
assert(X); declares expression X is true at there.
typeof(X) is the same as the type of expression X.
Q.E.D. means "Analysis is done.".